Search code examples
javaweb-servicesjava-metro-frameworkusernametoken

JAXWS Metro client for secured webservice with usernametoken profile

i want to consume a webservice that uses oasis style username token profile ( http://www.oasis-open.org/committees/download.php/16782/wss-v1.1-spec-os... ).

I was able to do it with CXF and Weblogic clients BUT iw woul like to use a pure Metro client.

Do you know how can I do that ?

Thanks.

CXF sample:

 serviceClientPort = clientFactory.buildClientPort(wsdlUrl,null);
 org.apache.cxf.endpoint.Client clientProxy = ClientProxy.getClient(serviceClientPort);
 org.apache.cxf.endpoint.Endpoint cxfEndpoint = clientProxy.getEndpoint();
 Map<String, Object> outProps = new HashMap<String, Object>();
 outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
 outProps.put(WSHandlerConstants.USER, "someuser");
 outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
 outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,CapHardcodedPassProvider.class.getName());
 WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
 cxfEndpoint.getOutInterceptors().add(wssOut);

Weblogic client :

CallService callService = new CallService(wsdlUrl,CAP_QNAME);
CallServicePort port = callService.getCallServiceSoapPort(new WebServiceFeature[] { cpf });
BindingProvider bindingProvider = (BindingProvider) port;
Map<String, Object> rc = (Map<String, Object>) bindingProvider.getRequestContext();
List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();
credProviders.add(new ClientUNTCredentialProvider(USERNAME.getBytes(), PASSWORD.getBytes()));
Solution 
  • private void addUsernameTokenProfile(WebService webServicePort, String username, String password) {
    try
    {
        final String SECURITY_NAMESPACE =
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

        SOAPFactory soapFactory = SOAPFactory.newInstance();
        QName securityQName = new QName(SECURITY_NAMESPACE, "Security");
        SOAPElement security = soapFactory.createElement(securityQName);
        QName tokenQName = new QName(SECURITY_NAMESPACE, "UsernameToken");
        SOAPElement token = soapFactory.createElement(tokenQName);
        QName userQName = new QName(SECURITY_NAMESPACE, "Username");
        SOAPElement soapUsername = soapFactory.createElement(userQName);
        soapUsername.addTextNode(username);
        QName passwordQName = new QName(SECURITY_NAMESPACE, "Password");
        SOAPElement soapPassword = soapFactory.createElement(passwordQName);
        soapPassword.addTextNode(password);
        token.addChildElement(soapUsername);
        token.addChildElement(soapPassword);
        security.addChildElement(token);
        Header header = Headers.create(security);
        ((WSBindingProvider) webServicePort).setOutboundHeaders(header);
}}